Date: Sun, 09 Dec 2001 09:52:32 -0500 From: Bill Moran <wmoran@potentialtech.com> To: jacks@sage-american.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Intruder attempts? Message-ID: <3C137AB0.6090807@potentialtech.com> References: <3.0.5.32.20011209075850.0101cb38@mail.sage-american.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Check the archives. I believe this is an attept to use a security hole that existed at one time in the Linux version of NFS. To my knowledge, this attack has never been useful against FreeBSD. jacks@sage-american.com wrote: > I've noticed this often on the console of the server and appears to be > intruder attempts to login: This is just a snipet: > > <snip/> > server1.net kernel log messages: > >>Dec 8 03:41:47 sage-one rpc.statd: invalid hostname to sm_stat: >> > ^X\M-w\M^?\M-?^X\M-w\M^?\M-?^Y\M-w\M^?\M-?^Y\M-w\M^?\M-?^Z\M-w\M^?\M-?^Z\M-w > \M^?\M-?^[\M-w\M^?\M-?^[\M-w\M^?\M-?%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%137x% > n%10x%n%192x%nM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^P > </snip> -- Bill Moran Potential Technology http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C137AB0.6090807>